{ "CVE_data_meta" : { "ASSIGNER" : "Secure@Microsoft.com", "ID" : "CVE-2018-8470", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "Internet Explorer 11", "version" : { "version_data" : [ { "version_value" : "Windows 10 for 32-bit Systems" }, { "version_value" : "Windows 10 for x64-based Systems" }, { "version_value" : "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value" : "Windows 10 Version 1607 for x64-based Systems" }, { "version_value" : "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value" : "Windows 10 Version 1703 for x64-based Systems" }, { "version_value" : "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value" : "Windows 10 Version 1709 for x64-based Systems" }, { "version_value" : "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value" : "Windows 10 Version 1803 for x64-based Systems" }, { "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value" : "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value" : "Windows 8.1 for 32-bit systems" }, { "version_value" : "Windows 8.1 for x64-based systems" }, { "version_value" : "Windows RT 8.1" }, { "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value" : "Windows Server 2012 R2" }, { "version_value" : "Windows Server 2016" } ] } } ] }, "vendor_name" : "Microsoft" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka \"Internet Explorer Security Feature Bypass Vulnerability.\" This affects Internet Explorer 11." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "Security Feature Bypass" } ] } ] }, "references" : { "reference_data" : [ { "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8470", "refsource" : "CONFIRM", "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8470" }, { "name" : "105267", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/105267" }, { "name" : "1041632", "refsource" : "SECTRACK", "url" : "http://www.securitytracker.com/id/1041632" } ] } }